2018-05-06 21:58:06 +00:00
|
|
|
// SPDX-License-Identifier: GPL-2.0+
|
2014-04-04 17:16:53 +00:00
|
|
|
/*
|
|
|
|
* K2HK: secure kernel command file
|
|
|
|
*
|
|
|
|
* (C) Copyright 2012-2014
|
|
|
|
* Texas Instruments Incorporated, <www.ti.com>
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <common.h>
|
|
|
|
#include <command.h>
|
2016-09-16 04:47:12 +00:00
|
|
|
#include <image.h>
|
2016-03-16 13:10:08 +00:00
|
|
|
#include <mach/mon.h>
|
2014-04-04 17:16:53 +00:00
|
|
|
asm(".arch_extension sec\n\t");
|
|
|
|
|
|
|
|
static int do_mon_install(cmd_tbl_t *cmdtp, int flag, int argc,
|
|
|
|
char * const argv[])
|
|
|
|
{
|
2016-09-16 04:47:12 +00:00
|
|
|
u32 addr, dpsc_base = 0x1E80000, freq, load_addr, size;
|
2014-04-04 17:16:53 +00:00
|
|
|
int rcode = 0;
|
2016-09-16 04:47:12 +00:00
|
|
|
struct image_header *header;
|
arm: mach-keystone: Updates mon_install for K2G HS
On early K2 devices (eg. K2HK) the secure ROM code does not support
loading secure code to firewall protected memory, before decrypting,
authenticating and executing it.
To load the boot monitor on these devices, it is necessary to first
authenticate and run a copy loop from non-secure memory that copies
the boot monitor behind firewall protected memory, before decrypting
and executing it.
On K2G, the secure ROM does not allow secure code executing from
unprotected memory. Further, ROM first copies the signed and encrypted
image into firewall protected memory, then decrypts, authenticates
and executes it.
As a result of this, we cannot use the copy loop for K2G. The
mon_install has to be modified to pass the address the signed and
encrypted secure boot monitor image to the authentication API.
For backward compatibility with other K2 devices and K2G GP,
the mon_install API still supports a single argument. In this case
the second argument is set to 0 by u-boot and is ignored by ROM
Signed-off-by: Thanh Tran <thanh-tran@ti.com>
Signed-off-by: Madan Srinivas <madans@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2017-07-17 17:59:15 +00:00
|
|
|
u32 ecrypt_bm_addr = 0;
|
2014-04-04 17:16:53 +00:00
|
|
|
|
|
|
|
if (argc < 2)
|
|
|
|
return CMD_RET_USAGE;
|
|
|
|
|
2015-09-19 10:56:41 +00:00
|
|
|
freq = CONFIG_SYS_HZ_CLOCK;
|
2014-04-04 17:16:53 +00:00
|
|
|
|
|
|
|
addr = simple_strtoul(argv[1], NULL, 16);
|
|
|
|
|
2016-09-16 04:47:12 +00:00
|
|
|
header = (struct image_header *)addr;
|
|
|
|
|
|
|
|
if (image_get_magic(header) != IH_MAGIC) {
|
|
|
|
printf("## Please update monitor image\n");
|
|
|
|
return -EFAULT;
|
|
|
|
}
|
|
|
|
|
|
|
|
load_addr = image_get_load(header);
|
|
|
|
size = image_get_data_size(header);
|
|
|
|
memcpy((void *)load_addr, (void *)(addr + sizeof(struct image_header)),
|
|
|
|
size);
|
|
|
|
|
arm: mach-keystone: Updates mon_install for K2G HS
On early K2 devices (eg. K2HK) the secure ROM code does not support
loading secure code to firewall protected memory, before decrypting,
authenticating and executing it.
To load the boot monitor on these devices, it is necessary to first
authenticate and run a copy loop from non-secure memory that copies
the boot monitor behind firewall protected memory, before decrypting
and executing it.
On K2G, the secure ROM does not allow secure code executing from
unprotected memory. Further, ROM first copies the signed and encrypted
image into firewall protected memory, then decrypts, authenticates
and executes it.
As a result of this, we cannot use the copy loop for K2G. The
mon_install has to be modified to pass the address the signed and
encrypted secure boot monitor image to the authentication API.
For backward compatibility with other K2 devices and K2G GP,
the mon_install API still supports a single argument. In this case
the second argument is set to 0 by u-boot and is ignored by ROM
Signed-off-by: Thanh Tran <thanh-tran@ti.com>
Signed-off-by: Madan Srinivas <madans@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2017-07-17 17:59:15 +00:00
|
|
|
if (argc >= 3)
|
|
|
|
ecrypt_bm_addr = simple_strtoul(argv[2], NULL, 16);
|
|
|
|
|
|
|
|
rcode = mon_install(load_addr, dpsc_base, freq, ecrypt_bm_addr);
|
2016-09-16 04:47:12 +00:00
|
|
|
printf("## installed monitor @ 0x%x, freq [%d], status %d\n",
|
|
|
|
load_addr, freq, rcode);
|
2014-04-04 17:16:53 +00:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
arm: mach-keystone: Updates mon_install for K2G HS
On early K2 devices (eg. K2HK) the secure ROM code does not support
loading secure code to firewall protected memory, before decrypting,
authenticating and executing it.
To load the boot monitor on these devices, it is necessary to first
authenticate and run a copy loop from non-secure memory that copies
the boot monitor behind firewall protected memory, before decrypting
and executing it.
On K2G, the secure ROM does not allow secure code executing from
unprotected memory. Further, ROM first copies the signed and encrypted
image into firewall protected memory, then decrypts, authenticates
and executes it.
As a result of this, we cannot use the copy loop for K2G. The
mon_install has to be modified to pass the address the signed and
encrypted secure boot monitor image to the authentication API.
For backward compatibility with other K2 devices and K2G GP,
the mon_install API still supports a single argument. In this case
the second argument is set to 0 by u-boot and is ignored by ROM
Signed-off-by: Thanh Tran <thanh-tran@ti.com>
Signed-off-by: Madan Srinivas <madans@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2017-07-17 17:59:15 +00:00
|
|
|
U_BOOT_CMD(mon_install, 3, 0, do_mon_install,
|
2014-04-04 17:16:53 +00:00
|
|
|
"Install boot kernel at 'addr'",
|
|
|
|
""
|
|
|
|
);
|
|
|
|
|
|
|
|
static void core_spin(void)
|
|
|
|
{
|
2015-07-08 15:40:14 +00:00
|
|
|
while (1) {
|
|
|
|
asm volatile (
|
|
|
|
"dsb\n"
|
|
|
|
"isb\n"
|
|
|
|
"wfi\n"
|
|
|
|
);
|
|
|
|
}
|
2014-04-04 17:16:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
int do_mon_power(cmd_tbl_t *cmdtp, int flag, int argc,
|
|
|
|
char * const argv[])
|
|
|
|
{
|
|
|
|
int rcode = 0, core_id, on;
|
|
|
|
void (*fn)(void);
|
|
|
|
|
|
|
|
fn = core_spin;
|
|
|
|
|
|
|
|
if (argc < 3)
|
|
|
|
return CMD_RET_USAGE;
|
|
|
|
|
|
|
|
core_id = simple_strtoul(argv[1], NULL, 16);
|
|
|
|
on = simple_strtoul(argv[2], NULL, 16);
|
|
|
|
|
|
|
|
if (on)
|
|
|
|
rcode = mon_power_on(core_id, fn);
|
|
|
|
else
|
|
|
|
rcode = mon_power_off(core_id);
|
|
|
|
|
|
|
|
if (on) {
|
|
|
|
if (!rcode)
|
|
|
|
printf("core %d powered on successfully\n", core_id);
|
|
|
|
else
|
|
|
|
printf("core %d power on failure\n", core_id);
|
|
|
|
} else {
|
|
|
|
printf("core %d powered off successfully\n", core_id);
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
U_BOOT_CMD(mon_power, 3, 0, do_mon_power,
|
|
|
|
"Power On/Off secondary core",
|
|
|
|
"mon_power <coreid> <oper>\n"
|
|
|
|
"- coreid (1-3) and oper (1 - ON, 0 - OFF)\n"
|
|
|
|
""
|
|
|
|
);
|